Security Analysis of Data Method Using MIPS Encryption Algorithm (MEA) Sangeeta


ABSTRACT

The MEA is an integrated approach combining the block cipher and transposition cipher methods. It takes a 64-bit plain text input and produces 64-bit cipher text as in IDEA, with a modified key schedule to avoid the possibility of weak keys. It further transposes the 64-bit cipher text into 128-bit end cipher text for disk storage. The increased length of the end cipher text is a trade-off between the increased degree of security for SI and the nominal cost of storage media in the present state of the art.

Keywords: Encryption, Decryption, Block cipher, Transposition cipher, MEA

1. INTRODUCTION

Since computers can be used to break naive cryptosystems quickly, one should use encryption algorithms that are free from mathematical weaknesses and that are computationally infeasible to break, by making the breaking extremely time-consuming. At the same time, the computational complexity of encryption and decryption should stay within reasonable limits, since they represent processing overheads too. One algorithm that is believed to give a reasonable compromise among these requirements is based on the Data Encryption Standard (DES) [4,5,10]. For the past 20 years, the best security most of us have heard of has been provided by DES. Although there has been a weakness of hidden trapdoors through the S-boxes of DES [6,10], it has still been a good and secure algorithm against the technology of the mid-seventies. Now, with the advent of high-speed computers, it faces more criticism for not providing sufficient security because of its 56-bit key size.
Some other algorithms have also been developed in due course, for example "An Application of the Chinese Remainder Theorem to Multiple-Key Encryption in Database Systems" [3] and "A High Performance Encryption Algorithm" [11]. These algorithms also face criticism for being breakable by existing attack methods such as brute force and linear and differential cryptanalysis [14], and by the increasing processing speed of computers. To avoid any cryptanalytic attack on cipher text arising from the small key length of DES [6,10], another well-known algorithm, IDEA (International Data Encryption Algorithm) [13], was developed using a 128-bit key with the block cipher method. It gives a strong encryption that resists breaking attempts arising from the high speed of today's computers and from advanced attack methods [14]. This algorithm works on 64-bit plain text data and produces 64-bit cipher text. The design philosophy behind it is the mixing of operations from different algebraic groups. In comparison with DES, IDEA appears to be the more secure proposition because of its 128-bit key, but how long it can stand up to the challenges posed by cryptanalytic methods and the increasing speed of computers is still an open question. The security of a computing system is such a challenging field that it demands the introduction of newer ideas every day. The present encryption algorithm, named the MIPS Encryption Algorithm (MEA), is a step forward in this direction and gives further resistance to breaking than IDEA. The Multilevel Information Protection System (MIPS) is an information system which provides a relatively higher degree of security to Sensitive Information (SI).
The security of SI in MIPS is provided by the MIPS Encryption Algorithm (MEA) and the System Run Time Checker (SRTC), an authentication module. The MEA works on a user-supplied 128-bit key, whereas the SRTC monitors all unauthorized access to SI.

II. MIPS ENCRYPTION ALGORITHM (MEA)

The MIPS Encryption Algorithm (MEA) works on a symmetric key system and is a modification of IDEA [13] for stronger encryption. It encrypts SI in two passes. In the first pass it encrypts an input of 64-bit plain text (PT) into 64-bit cipher text (CT) using the block cipher method with a modified key schedule that eliminates the weak keys of IDEA. The second pass converts CT into end cipher text (ECT) using the transposition cipher method. The ECT is then used for storage of the encrypted SI on disk. The increased length of ECT can be seen as a trade-off between the high security provided by this algorithm and the nominal cost of disk storage media in the present state of the art. The steps of encryption/decryption of plain text into end cipher text are as follows:

1. Generation of encryption keys to encrypt PT into CT
2. Encryption of PT into CT
3. Encryption of CT into ECT
4. Decryption of ECT to CT
5. Generation of decryption keys to decrypt ECT to CT
6. Decryption of CT to PT

2.1 Generation of Encryption Keys to Encrypt PT into CT

The MIPS Encryption Algorithm is designed to encrypt SI in two passes. In the first pass it encrypts 64-bit plain text (PT) into 64-bit cipher text (CT). It requires a total of 52 encryption keys of 16 bits each, as in IDEA [13]. These 52 encryption keys are generated from the user-input 128-bit key by dividing it into 8 encryption keys of 16 bits each. 96 of the 128 bits, i.e. 6 encryption keys, are used in round 1 of pass 1. CT is used for transmission over computer networks.
The remaining 32 bits are the first two encryption keys of round 2. The 64 bits for the four remaining encryption keys of round 2 are generated by logical rotation and Exclusive-OR operations on the encryption keys obtained from the user-supplied 128-bit key. The third encryption key of round 2 is generated from an Exclusive-OR of the first encryption key of round 1 logically rotated left by 7 bits with the second encryption key of round 1 logically rotated right by 8 bits. In general, the i-th encryption key (9 ≤ i ≤ 52) is generated from an Exclusive-OR of the (i − 8)-th encryption key logically rotated left by 7 bits with the (i − 7)-th encryption key logically rotated right by 8 bits.

2.2 Encryption of Plain Text into Cipher Text

Given a 64-bit plain text, MEA converts it into 64-bit cipher text as IDEA does, with a modified key schedule (we have changed the notation of IDEA for our convenience). It uses one logical and two algebraic operations for encryption, as follows:

Exclusive OR (⊕): x ⊕ y = z, x ⊕ z = y, y ⊕ z = x.

Addition modulo 2^16 (ignoring any overflow): the sum modulo 2^16 of x and y is (x + y) & 65535 (& stands for masking).

Multiplication modulo 2^16 + 1 (ignoring any overflow): we denote this operation mul and show its result on two numbers x and y. The function is as follows:

    unsigned mul(unsigned x, unsigned y)
    {
        long int p;
        long unsigned q;
        if (x == 0) {                 /* an operand of 0 represents 2^16 */
            p = 65537 - y;
        } else if (y == 0) {
            p = 65537 - x;
        } else {
            q = (long unsigned) x * y;
            p = (q & 65535) - (q >> 16);   /* low 16 bits minus high 16 bits */
            if (p <= 0) p = p + 65537;
        }
        return (unsigned) (p & 65535);
    }

The MEA divides the 64-bit plain text data block into four sub-blocks (pt1, pt2, pt3, pt4). It performs the operations described above on these sub-blocks for eight rounds. After each round it produces four intermediate output sub-blocks ct11, ct12, ct13, ct14.
The sequence of operations in each round is as follows (notation: ⊕ Exclusive OR, ⊙ multiplication modulo 2^16 + 1, & masking):

    ct1 = pt1 ⊙ k1
    ct2 = (pt2 + k2) & 65535
    ct3 = (pt3 + k3) & 65535
    ct4 = pt4 ⊙ k4
    ct5 = ct1 ⊕ ct3
    ct6 = ct2 ⊕ ct4
    ct7 = ct5 ⊙ k5
    ct8 = (ct6 + ct7) & 65535
    ct9 = ct8 ⊙ k6
    ct10 = (ct7 + ct9) & 65535
    ct11 = ct1 ⊕ ct9
    ct12 = ct3 ⊕ ct9
    ct13 = ct2 ⊕ ct10
    ct14 = ct4 ⊕ ct10

Here, the intermediate output after round 1 is the four sub-blocks ct11, ct12, ct13 and ct14. The input data block for round 2 is produced by swapping the two inner sub-blocks, i.e. ct12 and ct13. Thus the input data block for round 2 is (pt1, pt2, pt3, pt4) such that:

    pt1 = ct11 ; pt2 = ct13 ; pt3 = ct12 ; pt4 = ct14

This input (pt1, pt2, pt3, pt4) is encrypted using the encryption keys of round 2 with the same set of operations as performed above in round 1. This process is repeated for 8 rounds. The final output after round 8 is obtained by the following operations:

    ct1 = pt1 ⊙ k1
    ct2 = (pt2 + k2) & 65535
    ct3 = (pt3 + k3) & 65535
    ct4 = pt4 ⊙ k4

Thus, at the end of pass 1, MEA outputs the 64-bit cipher text (ct1, ct2, ct3, ct4) from the plain text (pt1, pt2, pt3, pt4).

2.3 Encryption of Cipher Text into End Cipher Text

Pass 2 of the MEA converts the 64-bit cipher text into 128-bit end cipher text (figure 1). We apply the transposition cipher method in this pass. The input for this pass is the end product of pass 1, i.e. the cipher text (ct1, ct2, ct3, ct4), where each cti is 16 bits. We apply a modulo 2^8 operation on each 16-bit sub-block of the cipher text to split it into two components. Thus all four sub-blocks of the cipher text are split as follows:

    ct1 = (ct11, ct12) ; ct2 = (ct21, ct22) ; ct3 = (ct31, ct32) ; ct4 = (ct41, ct42)

Here cti1 = cti mod 2^8 and cti2 = cti1 ⊕ ((cti − cti1) / 2^8), where ⊕ is Exclusive-OR. Thus the input block produced for transposition in pass 2 is the 128-bit block (ct11, ct12, ct21, ct22, ct31, ct32, ct41, ct42).
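The key schedule, the eight rounds and final half-round of pass 1, and the pass-2 split described in sections 2.1 to 2.3, as an added C example that is not the paper's own code; the decryption schedule is derived here by inverting the stated encryption, since the paper's decryption steps are not in this excerpt. The big-endian packing of the 128-bit key, the 16-bit storage of each 8-bit split component, the sample key and block, and all function names are assumptions of this example.

```c
/* Added example, not the paper's code: MEA pass 1 and the pass-2 split in C.
 * The decryption schedule is derived here by inverting the stated encryption
 * (the paper's own decryption steps are not in this excerpt); big-endian key
 * packing and 16-bit storage of each 8-bit pass-2 component are assumptions. */
#include <stdint.h>
#include <string.h>
#define ROUNDS 8
#define NKEYS  52   /* 8 rounds x 6 keys + 4 keys for the final half-round */

/* Multiplication modulo 2^16+1 with 0 standing for 2^16, as in the paper. */
static uint16_t mul(uint16_t x, uint16_t y)
{
    unsigned long q = (unsigned long)x * y;    /* low 16 bits - high 16 bits == q mod 65537 */
    long p = x == 0 ? 65537L - y : y == 0 ? 65537L - x : (long)(q & 65535) - (long)(q >> 16);
    if (p <= 0) p += 65537L;                   /* only reachable in the x*y branch */
    return (uint16_t)(p & 65535);
}

/* Inverse of mul by Fermat (x^(2^16-1)); going through mul keeps the 0 <-> 2^16 rule. */
static uint16_t mulinv(uint16_t x)
{
    uint16_t r = 1, b = x;
    for (unsigned e = 65535; e; e >>= 1, b = mul(b, b))
        if (e & 1) r = mul(r, b);
    return r;
}

static uint16_t rol16(uint16_t v, int n) { return (uint16_t)((v << n) | (v >> (16 - n))); }
static uint16_t ror16(uint16_t v, int n) { return (uint16_t)((v >> n) | (v << (16 - n))); }

/* Section 2.1: keys 1..8 are the 128-bit user key as 16-bit words;
 * key i (9 <= i <= 52) = rol7(key i-8) XOR ror8(key i-7). */
void mea_expand_key(const uint8_t userkey[16], uint16_t k[NKEYS])
{
    for (int i = 0; i < 8; i++) k[i] = (uint16_t)((userkey[2 * i] << 8) | userkey[2 * i + 1]);
    for (int i = 8; i < NKEYS; i++) k[i] = rol16(k[i - 8], 7) ^ ror16(k[i - 7], 8);
}

/* Section 2.2 on one block of four 16-bit sub-blocks: the listed round
 * operations, the ct12/ct13 swap between rounds, and the final half-round. */
void mea_pass1(const uint16_t *k, const uint16_t in[4], uint16_t out[4])
{
    uint16_t pt1 = in[0], pt2 = in[1], pt3 = in[2], pt4 = in[3];
    for (int r = 0; r < ROUNDS; r++, k += 6) {
        uint16_t ct1 = mul(pt1, k[0]), ct2 = (pt2 + k[1]) & 65535;
        uint16_t ct3 = (pt3 + k[2]) & 65535, ct4 = mul(pt4, k[3]);
        uint16_t ct5 = ct1 ^ ct3, ct6 = ct2 ^ ct4;
        uint16_t ct7 = mul(ct5, k[4]), ct8 = (ct6 + ct7) & 65535;
        uint16_t ct9 = mul(ct8, k[5]), ct10 = (ct7 + ct9) & 65535;
        uint16_t ct11 = ct1 ^ ct9, ct12 = ct3 ^ ct9, ct13 = ct2 ^ ct10, ct14 = ct4 ^ ct10;
        pt1 = ct11; pt2 = ct13; pt3 = ct12; pt4 = ct14;   /* inner sub-blocks swapped */
    }
    out[0] = mul(pt1, k[0]);        out[1] = (pt2 + k[1]) & 65535;
    out[2] = (pt3 + k[2]) & 65535;  out[3] = mul(pt4, k[3]);
}

/* Derived decryption schedule: decryption round r applies the inverse key transform
 * of encryption round 9-r, then the MA part of encryption round 8-r (an involution). */
void mea_decrypt_keys(const uint16_t ek[NKEYS], uint16_t dk[NKEYS])
{
    for (int r = 0; r <= ROUNDS; r++) {
        const uint16_t *kt = ek + 6 * (ROUNDS - r);
        dk[6 * r] = mulinv(kt[0]);        dk[6 * r + 1] = (uint16_t)-kt[1];
        dk[6 * r + 2] = (uint16_t)-kt[2]; dk[6 * r + 3] = mulinv(kt[3]);
        if (r < ROUNDS) memcpy(dk + 6 * r + 4, ek + 6 * (ROUNDS - 1 - r) + 4, 2 * sizeof *ek);
    }
}

/* Section 2.3: ct_i1 = ct_i mod 2^8 and ct_i2 = ct_i1 XOR ((ct_i - ct_i1) / 2^8);
 * mea_pass2_merge is the derived inverse (high byte = ct_i2 XOR ct_i1). */
void mea_pass2_split(const uint16_t ct[4], uint16_t ect[8])
{
    for (int i = 0; i < 4; i++) {
        uint16_t lo = ct[i] & 0xff;
        ect[2 * i] = lo;  ect[2 * i + 1] = lo ^ ((ct[i] - lo) >> 8);
    }
}

void mea_pass2_merge(const uint16_t ect[8], uint16_t ct[4])
{
    for (int i = 0; i < 4; i++) ct[i] = (uint16_t)(ect[2 * i] | (ect[2 * i] ^ ect[2 * i + 1]) << 8);
}

/* Round trip on a constructed key and block; returns 1 when both passes invert. */
int mea_selftest(void)
{
    uint8_t key[16]; for (int i = 0; i < 16; i++) key[i] = (uint8_t)(0x11 * i); /* constructed */
    const uint16_t pt[4] = { 0x0123, 0x4567, 0x89ab, 0xcdef };                   /* constructed */
    uint16_t ek[NKEYS], dk[NKEYS], ct[4], ect[8], ct2[4], rt[4];
    mea_expand_key(key, ek);  mea_decrypt_keys(ek, dk);  mea_pass1(ek, pt, ct);
    mea_pass2_split(ct, ect); mea_pass2_merge(ect, ct2); mea_pass1(dk, ct2, rt);
    return memcmp(pt, rt, sizeof pt) == 0 && memcmp(ct, ct2, sizeof ct) == 0;
}

int main(void) { return mea_selftest() ? 0 : 1; }
```

The transposition that follows the split in pass 2 is only shown in the paper's figure 1, so the example stops at the 128-bit block the split produces.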